A guest blog post by Jacob Gardner, Logicworks While cloud security is increasingly reliable, as noted in the most recent (and comprehensive) State of Cloud Security Report from Alert Logic, there is still the need for vigilance. Security, as much as it relies on technology, has to be a commitment made between a cloud customer and the service provider. Simply implementing a state-of-the-art Alert Logic IDS system and assuming that you are covered is a mistake. As the new report notes, many of the most successful attacks have relied on frequency, rather than anything more creative. This emphasis on repeated and sustained threats, coupled with inevitable human error, presents a constant need to hedge against lingering threats to infrastructure stability and security. Alert Logic does its part, providing the expertise and technology to effectively guard against a broad array of threats. But how does the cloud hosting provider (CHP) play a part?
- Vigilance: Offering 24x7x365 coverage for a broad range of clients, CHPs are always there – not simply when they need to be. This can make a world of difference in the event of a security breach. Having someone there to manage the situation can keep a failed hack from turning into a real problem.
- Proactivity: Even the swiftest reactions are not enough where security threats are concerned. Working along with Alert Logic expert technicians, managed service providers (MSPs) actively monitor any possible security threats. Think of it as having an invaluable, outsourced “extra eye” on your precious resources.
- Expertise: What’s the use of having an external technical team to support a company’s infrastructure and security needs if the front-line techs are inexperienced and not used to real-world situations? Depending on the CHP, the average tenure of their expert technical bench can vary. When vetting a provider, make sure to look into this — it can have serious implications on a team’s ability to anticipate, prevent and react to security breaches.
- Procedure: A large part of achieving the right level of security for your business is tied to the approach a CHP takes toward compliance requirements. Security breaches take all forms, so knowing there is a strong documented trail as well as a smart procedural approach to maintaining the security and compliance of a business’ cloud is an important indicator of how effective a CHP will be in maintaining infrastructure security.
- Communication: Without communication, security threats are the least of a company’s problems. Communication is critical for establishing the right expectations between client and provider, but it also builds the trust necessary for a CHP to effectively implement security tools that will truly work, such as Alert Logic’s solutions. Communication shouldn’t end at the technical level, of course. Compliance success also relies on good communication between a company and its CHP, as does successful execution of cloud strategy, and, ultimately, the achievement of business goals.
Security doesn’t end with a successfully mitigated threat. Security is a part of the larger goal of executing smart business strategy — an integral and ongoing part of how a CHP and a client’s businesses should work together to ensure success. For more insights from Jacob Gardner and other industry experts, please visit the Logicworks blog, Gathering Clouds, here: http://www.logicworks.net/blog/.